Audit Integrity and Non-Repudiation

This page explains how the Identity Operations Platform records security-relevant operations, protects audit integrity with digital signatures, and provides non-repudiation evidence.

Purpose

Audit records in the Identity Operations Platform are designed to answer three core questions:

  • what action was executed
  • who initiated and approved it
  • whether the record can be trusted as unchanged

This enables operational accountability and compliance-ready evidence.

What Is Recorded

For each audited operation, the platform records structured context, including:

  • action type and outcome
  • initiator identity and role/group context
  • managed identity target and target context
  • approval context (approver identity, roles/groups, approval timestamp)
  • execution timestamp
  • tenant context
  • operation metadata (for example request context such as source IP and user agent when available)

The result is a detailed and reviewable audit trail for operator actions.

How Signature Protection Works

Each audit record is signed before it is persisted.

At a high level, the platform:

  1. builds a canonical payload from the audit content
  2. signs that payload using the configured private key
  3. stores signature, signature timestamp, and signature version with the record

Canonicalization turns the audit content into a single, byte-for-byte deterministic representation (typically a fixed field order and no insignificant whitespace) so that a verifier can rebuild exactly the bytes that were signed. Without it, a semantically identical record serialized with a different field order or spacing would fail verification even though nothing in it changed.

How Tamper Evidence Is Ensured

Any party holding the corresponding public key can verify a record. Because the signature covers the canonicalized content, any change to a signed field after signing, however small, causes verification to fail, while differences in representation alone are absorbed by canonicalization.

This provides strong tamper evidence for retained audit records. Note that a per-record signature shows that a record has not been altered since it was signed; it does not by itself show that a record was removed, so retention controls and completeness checks remain part of audit review.
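As an added example (not the platform's own code: the page does not specify its signature algorithm, schema or field names), the Go program below walks through the three signing steps and the verification check in the two sections above. It canonicalizes a constructed audit record as sorted-key compact JSON, signs it with an Ed25519 key, stores the signature, signature timestamp and signature version alongside the content, and then verifies three things: the original record, a copy re-serialized with a different key order and whitespace, and a copy in which the initiator id was changed. Ed25519, the envelope field names, the sample record, and the choice to bind the version and timestamp into the signed bytes are all assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

const sigVersion = "v1" // assumed scheme label; tells a verifier which key and canonical form apply
// Envelope is the persisted record; field names are assumptions, not the platform's schema.
type Envelope struct {
	Content   json.RawMessage `json:"content"`
	Signature string          `json:"signature"`           // base64 Ed25519 signature
	SignedAt  string          `json:"signature_timestamp"` // RFC 3339, UTC
	Version   string          `json:"signature_version"`
}

// Canonicalize re-encodes JSON deterministically: sorted keys (encoding/json sorts map keys), no insignificant whitespace, numbers kept as written.
func Canonicalize(raw []byte) ([]byte, error) {
	dec := json.NewDecoder(strings.NewReader(string(raw)))
	dec.UseNumber() // avoid float64 rounding of large integers
	var v any
	if err := dec.Decode(&v); err != nil {
		return nil, err
	}
	return json.Marshal(v)
}

// signingInput binds version and timestamp into the signed bytes so they are tamper-evident too (example design choice).
func signingInput(version, signedAt string, canonical []byte) []byte {
	return []byte(version + "\n" + signedAt + "\n" + string(canonical))
}

// Sign performs the three steps: canonicalize, sign, store signature metadata with the record.
func Sign(priv ed25519.PrivateKey, content []byte, now time.Time) (Envelope, error) {
	canon, err := Canonicalize(content)
	if err != nil {
		return Envelope{}, err
	}
	ts := now.UTC().Format(time.RFC3339)
	sig := ed25519.Sign(priv, signingInput(sigVersion, ts, canon))
	return Envelope{Content: canon, Signature: base64.StdEncoding.EncodeToString(sig),
		SignedAt: ts, Version: sigVersion}, nil
}

// Verify is the audit-review check: it re-canonicalizes stored content, so reformatting is tolerated but any changed value fails.
func Verify(pub ed25519.PublicKey, env Envelope) error {
	if env.Version != sigVersion {
		return fmt.Errorf("unsupported signature version %q", env.Version)
	}
	canon, err := Canonicalize(env.Content)
	if err != nil {
		return err
	}
	sig, err := base64.StdEncoding.DecodeString(env.Signature)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, signingInput(env.Version, env.SignedAt, canon), sig) {
		return fmt.Errorf("signature mismatch: record altered or wrong key")
	}
	return nil
}

// Constructed sample record (fields mirror the page's list), and the same content with keys in another order.
const sampleRecord = `{"action":"reset_password","outcome":"success","initiator":{"id":"op-1042","roles":["helpdesk"]},
 "target":{"id":"user-7731","tenant":"acme"},"approval":{"approver":"mgr-17","at":"2024-05-02T09:14:00Z"}}`
const reorderedRecord = `{"approval":{"at":"2024-05-02T09:14:00Z","approver":"mgr-17"},
  "target":{"tenant":"acme","id":"user-7731"},"initiator":{"roles":["helpdesk"],"id":"op-1042"},
  "outcome":"success","action":"reset_password"}`

// Demo reports whether the original, its reordered copy, and a copy re-attributed to another operator verify.
func Demo() (origOK, reorderedOK, tamperedOK bool, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // production: key held in an HSM or KMS
	if err != nil {
		return
	}
	env, err := Sign(priv, []byte(sampleRecord), time.Now())
	if err != nil {
		return
	}
	origOK = Verify(pub, env) == nil
	reordered := env
	reordered.Content = json.RawMessage(reorderedRecord)
	reorderedOK = Verify(pub, reordered) == nil
	tampered := env // initiator changed from op-1042 to op-2001: blame shifted to another operator
	tampered.Content = json.RawMessage(strings.Replace(reorderedRecord, `"op-1042"`, `"op-2001"`, 1))
	tamperedOK = Verify(pub, tampered) == nil
	return
}

func main() {
	o, r, t, err := Demo()
	fmt.Println("original:", o, "reordered copy:", r, "tampered copy:", t, "error:", err)
}
```

Running it with go run prints true for the original and the reordered copy and false for the re-attributed copy: the reordered copy still verifies because Verify canonicalizes the stored content before checking, while the single changed field breaks the signature. Two points carry over to a real deployment: a better-specified canonical form such as RFC 8785 (JSON Canonicalization Scheme) is preferable to relying on one encoder's key sorting when producer and verifier are written in different languages, and the private key should never sit in process memory as it does here, which is what the customer responsibility to protect signing keys is about.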

Non-Repudiation Model

Non-repudiation in the Identity Operations Platform is achieved by combining:

  • actor attribution (initiator and approver context)
  • timestamped execution and approval data
  • cryptographic signatures over canonicalized record content

Together, these controls make it substantially harder to deny performed and approved actions after the fact. Note that the signature is the platform's, not the initiator's: it proves the record has not changed since the platform wrote it, while attribution of the action to a specific initiator or approver rests on the platform having authenticated those identities at the time of the action.

Operational and Audit Relevance

The model supports:

  • post-incident reconstruction
  • privileged action review
  • controlled approval traceability
  • compliance evidence generation

This is especially important for high-impact identity operations.

Customer Responsibilities

Customers should:

  1. protect audit signing keys as critical security assets
  2. ensure key backup and recovery procedures are in place
  3. include signature verification checks in audit review workflows, using the public key that matches each record's signature version
  4. retain audit records according to internal and regulatory requirements

For key rotation, retirement, expiry, and cleanup behavior, see Cryptographic Key Lifecycle.

Summary

The Identity Operations Platform combines structured audit data and cryptographic signatures to provide integrity, accountability, and non-repudiation for identity operations.